PSL Rank

Privacy Policy

Effective date: May 17, 2026

This Privacy Policy describes how Aurelian Syndicate L.L.C. ("we", "our", "us") collects, uses, and protects information when you use the PSLRank iOS app and the website at pslrank.app.

What PSLRank Is

PSLRank is an iOS facial analysis app. Users photograph their face, and an AI system scores them across multiple aesthetic metrics (jawline, eyes, cheekbones, nose, chin, symmetry, facial thirds, midface, skin, posture) and generates an overall PSL score, archetype label, strengths (halos), weaknesses (failos), celebrity facial comparisons, and a personalized improvement plan. The app also includes a daily exercise library for facial improvement and a scan history for tracking progress over time.

1. Data We Collect

1a. Facial Photographs & Images

  • When a user initiates a scan, the app captures or selects a front-facing photo (and optionally a side-profile photo).
  • These images are compressed and transmitted over an encrypted connection to our backend (Supabase Edge Function) for AI analysis.
  • After analysis is complete, the image is stored locally on the user's device as part of their scan history.
  • We do not use facial photographs for identity verification, facial recognition, law enforcement, or advertising targeting.
  • Facial data is used solely to produce the aesthetic scoring and improvement analysis that is the core function of the app.

1b. Analysis Results & Scores

The numerical scores, archetype label, halos, failos, celebrity comparisons, softmaxxing profile, and improvement plan generated from each scan are stored locally on the user's device and, in limited form, on our backend infrastructure to support scan unlock credits and purchase verification.

1c. Anonymous User Identity

The app automatically creates an anonymous account for each user via Supabase anonymous authentication. No name, email, or password is required. Users are identified by a randomly generated UUID. This anonymous ID is used to: (i) associate subscription status with the user, (ii) manage scan unlock credits, (iii) process referral codes, and (iv) query our AI backend.

1d. Onboarding Inputs

During onboarding, users optionally provide gender, age, and aesthetic goals. These inputs personalize scoring displays and exercise recommendations. They are stored locally on the device and associated with the anonymous user record on our backend.

1e. Purchase & Subscription Data

  • Subscription purchases (weekly, monthly, annual) and single-report purchases are processed by Apple's App Store.
  • We use RevenueCat to manage entitlements, verify purchase status, and process subscription lifecycle events. RevenueCat may collect device identifiers, purchase history, and subscription state. See revenuecat.com/privacy.
  • We store subscription status and scan credit balances in our Supabase database associated with your anonymous user ID.

1f. Exercise & Habit Data

Exercise completion records, timestamps, and cooldown states are stored locally on the device using Apple's UserDefaults. This data is not transmitted to our servers.

1g. Usage & Analytics Data

  • We collect anonymized behavioral events to understand how the app is used. Events include: app launch, scan initiation and completion, paywall views, subscription purchases, exercise completions, tab navigation, referral activity, and improvement tab engagement.
  • Analytics event data includes anonymized score bands (e.g., "PSL 3.0–4.4"), not exact scores.
  • Analytics are collected through RevenueCat's analytics integration.
  • We do not sell analytics data to third parties.

1h. Push Notifications

If you grant notification permission, the app sends local device notifications to alert you when a locked exercise becomes available after a cooldown period. These notifications are scheduled locally on-device and are not transmitted through our servers.

1i. Device Information

Standard device information (device type, OS version, device identifier) may be collected automatically by RevenueCat and Supabase for technical functionality, fraud prevention, and analytics.

1j. Crash & Error Reporting

We collect crash reports and error logs in debug builds for technical improvement. These logs do not contain personal data or facial images.

2. How We Use Your Data

We use collected data to:

  • Perform facial aesthetic analysis and deliver your scores and improvement plan
  • Display and track your scan history and progress over time
  • Manage your subscription status and scan credit balance
  • Personalize exercise recommendations based on your weakest scoring metrics and gender
  • Process referral codes and rewards
  • Send local push notifications for exercise unlocks (only with your permission)
  • Improve app performance and fix bugs
  • Analyze aggregate, anonymized usage patterns to improve the product

We do not use your data to:

  • Identify you personally
  • Build advertising profiles
  • Sell your data to third parties
  • Train AI models on your facial images without separate explicit consent
  • Share your facial photographs with any entity other than our AI processing backend

3. Data Sharing & Third Parties

We share data only as necessary to operate the app:

  • Supabase (supabase.com): Backend infrastructure for anonymous authentication, database storage of user records and scan credits, and the Edge Function that powers our AI facial analysis. Data is processed on Supabase's servers. See supabase.com/privacy.
  • OpenAI (openai.com): Our Supabase backend passes your photo to OpenAI's GPT-4o Vision API to perform the aesthetic analysis. OpenAI receives your photo solely to generate your scores and does not store it beyond the processing request, does not use it to train AI models, and does not share it with any third party. OpenAI's data practices provide equivalent privacy protection to our own. See openai.com/privacy.
  • RevenueCat (revenuecat.com): Subscription management, entitlement verification, and analytics. See revenuecat.com/privacy.
  • Apple Inc.: In-app purchase processing, push notification delivery (APNs), and App Store distribution. Apple processes payment data independently; we do not receive your full payment information.

We do not share data with advertising networks, data brokers, or any other third parties beyond those listed above.

4. Data Retention

Face Data Retention

Facial photographs transmitted to our backend (Supabase) for AI analysis are deleted from our servers immediately upon completion of the analysis request — typically within seconds. They are never retained on our servers beyond that point. We delete them immediately because we require them only to perform the one-time analysis; no ongoing storage serves any purpose.

Your photo is transmitted to our servers solely to perform the AI analysis and is held in working memory only for the duration of that request — under 60 seconds in all cases. It is permanently deleted as soon as the analysis scores are returned. We retain face data for no longer than this window because the photo serves no purpose after the score is generated; storing it beyond analysis would create unnecessary privacy risk with no user benefit.

Facial photographs stored locally on your device are retained for as long as you choose to keep them, to allow you to review past scans and track your progress over time. You can delete individual scans or all local data at any time from the app's Settings screen. Local data is also deleted automatically when you uninstall the app. We do not retain local face data beyond your active use of the app.

Derived analysis results (numeric scores and written insights computed from your photos) are stored locally on your device for the same period — until you delete them or uninstall the app — because they are required to provide the core progress-tracking functionality of the app.

  • Anonymous user record & subscription data: Retained on our Supabase backend for as long as your account exists. You may request deletion (see Section 7).
  • Analytics data: Retained per RevenueCat's data retention policies.
  • Exercise & scan data: Stored locally on device. Deleted when you uninstall the app or use the app's reset functionality.

5. AI Processing & Third-Party Data Sharing

PSLRank uses an AI analysis pipeline to evaluate facial aesthetics. To perform this analysis, your facial photograph is transmitted over an encrypted connection to Supabase, our backend infrastructure provider. Supabase processes the photo solely to run the AI analysis and returns the results to your device. Your photo is deleted from Supabase servers immediately after analysis completes. Supabase does not use your photo for any independent purpose, including AI training, advertising, or identification. As noted in Section 3, your photo is also passed to OpenAI's GPT-4o Vision API by our Supabase backend solely to perform the analysis. No other third party beyond Supabase and OpenAI receives your facial photographs. The app discloses this data sharing to you and requires your explicit consent before transmitting any photo for analysis.

6. Children's Privacy

PSLRank is not intended for users under the age of 13. We do not knowingly collect data from children under 13. If you believe a child under 13 has used the app, contact us at support@aureliansyndicate.net and we will delete any associated data.

Users between the ages of 13 and 17 should have parental consent before using the app. The app's content — which includes numerical aesthetic scoring of facial features — is designed for adult users.

7. Your Rights & Data Deletion

You may:

  • Delete your scan history and local data by deleting the app from your device.
  • Request deletion of your backend user record and associated data by emailing support@aureliansyndicate.net with the subject line "Data Deletion Request." We will process requests within 30 days.
  • Opt out of analytics by disabling app tracking through iOS Settings > Privacy & Security > Tracking.
  • Disable push notifications at any time through iOS Settings.
  • Cancel your subscription through the App Store (Settings > Apple ID > Subscriptions).

If you are a California resident, you have rights under the CCPA including the right to know what data we collect, the right to delete it, and the right to opt out of sale (we do not sell personal data). Contact us at support@aureliansyndicate.net.

If you are in the European Economic Area or UK, you have rights under GDPR including access, rectification, erasure, and data portability. Our lawful basis for processing facial image data is consent (your voluntary submission of photos for analysis). Contact us at support@aureliansyndicate.net to exercise these rights.

8. Data Security

We use industry-standard encryption (HTTPS/TLS) for all data transmitted between the app and our backend. Facial images are transmitted over encrypted connections and are not retained on backend servers after analysis. Local device data is protected by iOS's standard sandboxing and device encryption.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will update the effective date at the top of this page. Continued use of the app after changes constitutes acceptance of the updated policy. For material changes, we will make reasonable efforts to notify users.

10. Contact

Aurelian Syndicate L.L.C.
support@aureliansyndicate.net
pslrank.app